Join the Hunt.

Prevent. Detect. Hunt.

InQuest is a cybersecurity services and solutions company founded in 2013 by a well-versed team hailing from both the public and private sectors. Our platform is purpose-built by SOC analysts for SOC analysts and network defenders, with cloud and on-premise capabilities in threat prevention, breach detection, threat hunting and data leakage discovery. We've automated many of the typically mundane tasks of the SOC analyst, resulting in analyst-level scrutiny of data-in-motion at carrier-class speeds as well as data-at-rest, all the while reducing frustration and, in turn, allowing precious human time to be spent where it matters.

Latest Blog

Since YARA rule creation is a highly valuable skill set, we approach the lessons slowly; think of "baby steps" from the movie "What About Bob?" as the approach. In keeping with the spirit of the process, we feel that the next natural step is to learn about the different components that make up the rules and focus on how they are constructed.

Latest Event

Black Hat USA 2019

AUGUST 3-8, 2019

MANDALAY BAY, LAS VEGAS, NV

Now in its 22nd year, Black Hat USA is the world's leading information security event, providing attendees with the very latest in research, development and trends. Black Hat USA 2019 opens with four days of technical Trainings (August 3-6) followed by the two-day main conference (August 7-8) featuring Briefings, Arsenal, Business Hall, and more.

InQuest Insider

Newsletter

InQuest has just released a new analysis suite for the researcher and hobbyist. Welcome to InQuest Labs! Capable of ingesting malware at scale, it feeds samples through a lightweight and less featured version of Deep File Inspection to extract embedded logic, semantic content, metadata, and IOCs such as URLs, domains, IPs, e-mails, and file names.


Prior to having InQuest, file decompression, decoding and post-processing were all manual steps
that were very time consuming for us. Now that we're using InQuest, all of those steps are
automated and it has given us the ability to apply these steps to not only files we think are
suspicious, but all files received by our users.

Malware Analyst, US Intelligence Community

Having the ability to search historically based on file content is like having our own internal
VirusTotal Retrohunt.

Intrusion Analyst, US Department of Defense

The threat score calculation and assignment being performed by InQuest's engine makes it easy for
us to sift through the legitimate sessions and focus on the real threats targeting our users.

Intrusion Analyst, US Department of Defense

InQuest provides a complete network forensics picture, from session details such as header
information to file details such as the hash, size, type and even the raw file.

Incident Handler, US Intelligence Community

The data loss prevention coverage InQuest provides for data-in-transit is second to none.

Intrusion Analyst, US Department of Defense

The InQuest platform is unlike any other network-based security system we've seen. The
performance of their native capture engine and analytic capabilities are unparalleled in terms
of the throughput it can support and the number of files it can dissect and analyze.

Security Engineer, US Department of Defense

The third-party integrations with multiav and sandbox solutions are seamless. We have never had a
security platform that made it so easy to automate all of our static and dynamic file analysis
efforts.

Security Engineer, US Department of Defense

Over half of our customer’s traffic is encrypted and InQuest is the first security platform we’ve
seen with a specific focus on using SSL related indicators of compromise to detect the bad guy’s
infrastructure.

Intrusion Analyst, Managed Security Service Provider

The threat intelligence InQuest is able to gather and disseminate via their reputation and threat
feeds has alerted us to numerous customer compromises. They are truly at the cutting edge when
it comes to identifying threat actor infrastructure as it is deployed.

Intrusion Analyst, US Intelligence Community

It’s pretty amazing that they are able to support capturing, reassembling, processing, storing
and inspecting content at speeds over 10Gb without dropping traffic all in a 1U box.

Security Engineer, Department of Defense

We’ve been customers for several years now and up until the recent acquisition of their
appliances we were running their collectors on 4U boxes with flash storage cards. As a result of
that acquisition, we went from having to deal with three different vendors to one vendor,
reduced our rackspace footprint as well as our power consumption which all resulted in a huge
cost savings for us. Kudos to InQuest!

Director of Information Security, E-Commerce Company

Through their data orchestration and workflow, they’ve made it really easy for us to establish
repeatable workflows from within their UI. That has saved our SOC analysts a considerable amount
of time and has enabled them to pivot through data from numerous systems all from a single pane
of glass.